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—The MAILING DATE of this communication appears on the cover sheet beneath the correspondence address- 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE_^ MONTH(S) FROM THE MAILING DATE 

OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed after SIX (6) MONTHS 
from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, such period shall, by default, expire SIX (6) MONTHS from the mailing date of this communication . 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 



^ p? 



Status 

^"""■H Responsive to communication(s) filed on_ 

□ This action is FINAL. 

□ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in 
accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 ; 453 O.G. 213. 



Disposition of Claims 

Claim(s) 1 > s 



Jtyare pending in the application. 



- Qfthe above clatm(s) 2 ~^> 7 ~ ' "> , x 3o 

□ Claim(s)- 



-JtS/are withdrawn from consideration. 
_is/are allowed. 



^Na Claim(s) S~ V?- ^ W 3>) , 
□ Claim(s) 



-H§/are rejected. 
- is/are objected to. 



□ Claims- 



Application Papers 

See the attached Notice of Draftsperson's Patent Drawing Review, PTO-948. 

□ The proposed drawing correction, filed on is □ approved □ disapproved. 

□ The drawing(s) filed on is/are objected to by the Examiner. 

□ The specification is objected to by the Examiner. 

□ The oath or declaration is objected to by the Examiner. 

Priority under 35 U.S.C. § 119 (a)-(d) 

□ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 11 9(a)-(d). 

□ All DSome* □ None of the CERTIFIED copies of the priority documents have been 

□ received. 

□ received in Application No. (Series Code/Serial Number) 



are subject to restriction or election 
requirement. 



□ received in this national stage application from the International Bureau (PCT Rule 1 7.2(a)). 

'Certified copies not received: 

Attachment(s) 



Information Disclosure Statement(s), PTO-1449, Paper No(s) _ 

Notice of Reference(s) Cited, PTO-892 

Notice of Draftsperson's Patent Drawing Review, PTO-948 

Office Action Summary 



□ Interview Summary, PTO-413 

□ Notice of Informal Patent Application, PTO-152 

□ Other 



U. S. Patent and Trademark Office 
PTO-326 (Rev. 9-97) 



*U.S. GPO: 1997-433-221/62717 



Part of Paper No._ 



PART III. DETAILED ACTION 



Claim Rejections - 35 USC § 112 

1 . The rejections under 35 U.S.C. 1 12 has been withdrawn. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections 

set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1,5,6,18,19,23 and 31 are rejected under 35 USC 103(a) as being unpatentable over Elgamal 
et al., U.S. Patent No. 5,657,390 in view of the applicant's admitted prior art. 

As per claims 1,5,18 and 31, Elgamal teaches a system and method for carrying out communications 
over a network including a server and one or more client computers, each including means for transmitting 
data to and receiving data from an open network. The system including means for performing the functions 
of intercepting function calls and requests for service sent by an application program on one of the client 
computers to a lower level set of communication drivers (lower layers),and means for causing an application 
level authentication and encryption program in one of the client computers to communicate with the server, 
generate a session key and encrypt files sent by the application program before transmitting them over the 
open network (via the physical layer), (see entire patent, specifically, Figures 8-1 1 and column 3 lines 20-55 
and column 5 line 15 to column 8 line 32 and column 1 1 line 1 to column 16 line 49, specifically column 12 
lines 13-67). The system includes the use of SSL library software which is inserted between the application 
layer and the transport layer, and the Winsock socket, which allows the system to perform the security 
features such as authentication and encryption functions described above. 



As per claims 1,5,18 and 31, Elgamal does not specifically state that the network system is a VPN 

type. 

The applicant's admitted prior art teaches a similar secure network system for a VPN environment 
wherein a authentication and encryption takes place for secure communications between a client and a server, 
or another client. The system uses similar features as Elgamal, including a socket (Winsock) and application 
level security software to perform a secure transmission between the two entities. (Figures 1,2 and pages 1-12 
and page 1 line 19 to page 23 line 27). 

It would have been obvious to one of ordinary skill in the art, at the time the invention was made, to 
allow ElgamaFs system to be specifically utilized as a VPN as shown by the applicant's admitted prior art, 
because it would enable for the system to establish a secure communications between a private network, and a 
unsecured public network, such as the Internet, thus enabling the private network to reap the benefits of the 
communication advantages of using such a large unsecured network. This would have been obvious because 
Elgamal essentially operates similar to a VPN because the client system is allowed to securely communicate 
with a server located on a large public network such as the Internet. The client can receive information from 
the Internet's servers thus establishing a communication between the two. One of ordinary skill in the art 
would have recognized this, along with the teachings by the applicant's admitted prior art, and thus been 
motivated to allow ElgamaFs system to be specifically utilized in a VPN (or labeled as such), for the reasons 
set forth above. 

As per claims 5 and 18, although Elgamal does not label the SSL library as a "shim" it would have 
been obvious to one of ordinary skill in the art to realize that these functions operate similar to shims in that 
they are added functions that utilize the calls and services of the lower layers, and allow the system to perform 
additional functions (security functions) not available previously, with minimal or no modification to the 
higher layers. Accordingly, it would have been obvious to one of ordinary skill in the art to utilize shims to 
perform the security features of the SSL functions because as mentioned above, they would perform the same 
functions. 



As per claims 6,19 and 23, Elgamal teaches the lower layers including transport and network layers, 
which inherently perform their well known and established functions of arranging packets for transmission 
over the open network, as well as the use of an applications socket (Winsock) which facilities service requests 
by the application programs to the transport driver interface layer (TCP/IP layer). Elgamal also shows the 
"shim" or SSL library being positioned between the socket and the applications layer, (which for purposes of 
claim 23 also is located between the transport driver layer and the applications layer) and intercepts calls to 
the socket and allows the security functions described previously to be performed (session key generations 
and authentication procedures). The applicant's admitted prior art shows the use of application level 
authentication and encryption programs which performs the above noted security functions. It would have 
been obvious to one of ordinary skill in the art, at the time the invention was made, to allow ElgamaFs 
"shims" to utilize and initiate the application level security functions, as those taught by the applicant's 
admitted prior art, because it ensures that the security features already available to the communication system 
are initiated and utilized when the applications within the client are calling for establishment of 
communication with an unsecured network, i.e the server. This would have been obvious because Elgamal 
shows the "shim" being located between the socket and the application layers, and one of ordinary skill in the 
art would have recognized this, along with the teachings of the applicant's admitted prior art (Figure 2), and 
thus been motivated to allow the security functions performed by the application level programs are utilized 
via the SSL library, for the obvious reasons set forth above, namely to ensure secure communication between 
the client and server, via the socket (Winsock). 

Response to Amendment 

Applicant has amended the claims to overcome the rejection of 35 U.S.C. 1 12, and reinstate the 
rejected claims of the parent applicant. 

As to the remarks that the prior art fails to teach the claimed session key the examiner disagrees. A 
session key for encrypting may be found at col. 2, lines 4 et seq., and the other places noted in the application. 



• 



As to the specialized functions of the shims, the specific functions are not recited in the claims and 



The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the examiner should be 
directed to Norman Wright whose telephone number is (703) 305-9586. The examiner can normally be 
reached Monday- Fridays, from 8:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Robert 
Beausoliel, can be reached at (703) 305-9713. The fax number for this Group is (703) 308-6606. 

Any inquiry of a general nature or relating to the status of this application should be directed to the 
Group receptionist whose telephone number is (703) 305-4700. 



Any response to this action should be mailed to: 



are therefore moot. 



Conclusion 



Commissioner of Patents and Trademarks 
Washington, D.C. 20231 , 



or faxed to: 



(703) 308-9051, (for formal communications intended for entry) 



Or: 



(703) 305-9724, (for informal or draft communications, please label "PROPOSED' 
or "DRAFT") 



Hand-delivered responses should be brought to Crystal Park II, 2121 Crystal Drive, 
Arlington. VA., Sixth Floor (Receptionist). 




NormaK Wright 
PatehUaxaminer 
Art Unit 2785 



